django-csp/csp/contrib/rate_limiting.py

from __future__ import annotations
from typing import TYPE_CHECKING
import random

from django.conf import settings

from csp.middleware import CSPMiddleware
from csp.utils import build_policy

if TYPE_CHECKING:
    from django.http import HttpRequest, HttpResponseBase


class RateLimitedCSPMiddleware(CSPMiddleware):
    """A CSP middleware that rate-limits the number of violation reports sent
    to report-uri by excluding it from some requests."""

    def build_policy(self, request: HttpRequest, response: HttpResponseBase) -> str:
        config = getattr(response, "_csp_config", None)
        update = getattr(response, "_csp_update", None)
        replace = getattr(response, "_csp_replace", {})
        nonce = getattr(request, "_csp_nonce", None)

        policy = getattr(settings, "CONTENT_SECURITY_POLICY", None)

        if policy is None:
            return ""

        report_percentage = policy.get("REPORT_PERCENTAGE", 100)
        include_report_uri = random.randint(0, 100) < report_percentage
        if not include_report_uri:
            replace["report-uri"] = None

        return build_policy(config=config, update=update, replace=replace, nonce=nonce)

    def build_policy_ro(self, request: HttpRequest, response: HttpResponseBase) -> str:
        config = getattr(response, "_csp_config_ro", None)
        update = getattr(response, "_csp_update_ro", None)
        replace = getattr(response, "_csp_replace_ro", {})
        nonce = getattr(request, "_csp_nonce", None)

        policy = getattr(settings, "CONTENT_SECURITY_POLICY_REPORT_ONLY", None)

        if policy is None:
            return ""

        report_percentage = policy.get("REPORT_PERCENTAGE", 100)
        include_report_uri = random.randint(0, 100) < report_percentage
        if not include_report_uri:
            replace["report-uri"] = None

        return build_policy(config=config, update=update, replace=replace, nonce=nonce, report_only=True)
Add type hints, fix mypy issues (#198) (#228) * Add basepython entries for pypy. This fixes running tox locally. * Fix the cpython version mapping in [gh-actions]. The github action tests for cpython versions are running against the latest Django, instead of the set of possible Django versions. * Add mypy for type checking * Handle case where config is None * Use getattr, setattr for dynamic attribute access - mypy complains when reading or setting a attribute that is not defined on the class, such as HttpRequest.csp_nonce. This updates the code to use getattr and setattr to access these dynamically added attributes and for Django settings. * Use tuples where requested - Both startswith() and parser.parse_statements take a tuple rather than a list. * Add type hints * Refactor ScriptTestBase - Althought the code `template.render(context)` looked similar, mypy complained that Django's Template could not take a dict. Rather than switch on types, refactor `make_context` and `make_template` into `render`, which hides the typing details between Django templates and extension templates like Jinja2. * Fix Sphinx doc generation without setuptools * Add `pip install -e ".[dev]"` * Update docs for typing, etc. * Add PEP 561 py.typed file * Bump Django dependency to 4.2+ * Replace `HttpResponse` type with `HttpResponseBase` * Update CHANGES file --------- Co-authored-by: Rob Hudson <robhudson@mozilla.com> 2024-07-01 20:16:09 +03:00			`from __future__ import annotations`
			`from typing import TYPE_CHECKING`
Report percentage (#97) * Add CSP_REPORT_PERCENTAGE option * Move report-uri throttling to csp.contrib * Remove old code * Remove old code 2018-04-06 16:47:28 +03:00			`import random`

			`from django.conf import settings`

			`from csp.middleware import CSPMiddleware`
			`from csp.utils import build_policy`

Add type hints, fix mypy issues (#198) (#228) * Add basepython entries for pypy. This fixes running tox locally. * Fix the cpython version mapping in [gh-actions]. The github action tests for cpython versions are running against the latest Django, instead of the set of possible Django versions. * Add mypy for type checking * Handle case where config is None * Use getattr, setattr for dynamic attribute access - mypy complains when reading or setting a attribute that is not defined on the class, such as HttpRequest.csp_nonce. This updates the code to use getattr and setattr to access these dynamically added attributes and for Django settings. * Use tuples where requested - Both startswith() and parser.parse_statements take a tuple rather than a list. * Add type hints * Refactor ScriptTestBase - Althought the code `template.render(context)` looked similar, mypy complained that Django's Template could not take a dict. Rather than switch on types, refactor `make_context` and `make_template` into `render`, which hides the typing details between Django templates and extension templates like Jinja2. * Fix Sphinx doc generation without setuptools * Add `pip install -e ".[dev]"` * Update docs for typing, etc. * Add PEP 561 py.typed file * Bump Django dependency to 4.2+ * Replace `HttpResponse` type with `HttpResponseBase` * Update CHANGES file --------- Co-authored-by: Rob Hudson <robhudson@mozilla.com> 2024-07-01 20:16:09 +03:00			`if TYPE_CHECKING:`
			`from django.http import HttpRequest, HttpResponseBase`

Report percentage (#97) * Add CSP_REPORT_PERCENTAGE option * Move report-uri throttling to csp.contrib * Remove old code * Remove old code 2018-04-06 16:47:28 +03:00
			`class RateLimitedCSPMiddleware(CSPMiddleware):`
			`"""A CSP middleware that rate-limits the number of violation reports sent`
			`to report-uri by excluding it from some requests."""`

Add type hints, fix mypy issues (#198) (#228) * Add basepython entries for pypy. This fixes running tox locally. * Fix the cpython version mapping in [gh-actions]. The github action tests for cpython versions are running against the latest Django, instead of the set of possible Django versions. * Add mypy for type checking * Handle case where config is None * Use getattr, setattr for dynamic attribute access - mypy complains when reading or setting a attribute that is not defined on the class, such as HttpRequest.csp_nonce. This updates the code to use getattr and setattr to access these dynamically added attributes and for Django settings. * Use tuples where requested - Both startswith() and parser.parse_statements take a tuple rather than a list. * Add type hints * Refactor ScriptTestBase - Althought the code `template.render(context)` looked similar, mypy complained that Django's Template could not take a dict. Rather than switch on types, refactor `make_context` and `make_template` into `render`, which hides the typing details between Django templates and extension templates like Jinja2. * Fix Sphinx doc generation without setuptools * Add `pip install -e ".[dev]"` * Update docs for typing, etc. * Add PEP 561 py.typed file * Bump Django dependency to 4.2+ * Replace `HttpResponse` type with `HttpResponseBase` * Update CHANGES file --------- Co-authored-by: Rob Hudson <robhudson@mozilla.com> 2024-07-01 20:16:09 +03:00			`def build_policy(self, request: HttpRequest, response: HttpResponseBase) -> str:`
Reawaken development (#204) * Update supported Django and Python versions * Update tox matrix * Update Circle CI config * Update setup.py with newer Python versions * Swap pytest-pep8 and pytest-flakes for ruff + reformat accordingly * Stop using six * Drop support for EOL Python <3.8 and Django <2.2 versions * Update changelog * Swap CircleCI for GH Actions for CI: test and relase publishing * Add pre-commit config with sensible hooks; apply those hooks * Remove inert Coveralls badge * Fold in code suggestion from PR#199 * Remove unused Python spec Co-authored-by: Tim Schilling <tim@aspiredu.com> * Fix up unnecessarily split strings, which were a side-effect of reformatting * Ensure pre-commit also runs ruff-format, to match test runs --------- Co-authored-by: Tim Schilling <tim@aspiredu.com> 2024-01-25 00:35:02 +03:00			`config = getattr(response, "_csp_config", None)`
			`update = getattr(response, "_csp_update", None)`
			`replace = getattr(response, "_csp_replace", {})`
			`nonce = getattr(request, "_csp_nonce", None)`
Report percentage (#97) * Add CSP_REPORT_PERCENTAGE option * Move report-uri throttling to csp.contrib * Remove old code * Remove old code 2018-04-06 16:47:28 +03:00
Fixes #36: Move to dictionary based settings This is a backwards incompatible change. Also fixes #139, #191 2024-05-01 22:58:56 +03:00			`policy = getattr(settings, "CONTENT_SECURITY_POLICY", None)`

			`if policy is None:`
			`return ""`

			`report_percentage = policy.get("REPORT_PERCENTAGE", 100)`
			`include_report_uri = random.randint(0, 100) < report_percentage`
Report percentage (#97) * Add CSP_REPORT_PERCENTAGE option * Move report-uri throttling to csp.contrib * Remove old code * Remove old code 2018-04-06 16:47:28 +03:00			`if not include_report_uri:`
Reawaken development (#204) * Update supported Django and Python versions * Update tox matrix * Update Circle CI config * Update setup.py with newer Python versions * Swap pytest-pep8 and pytest-flakes for ruff + reformat accordingly * Stop using six * Drop support for EOL Python <3.8 and Django <2.2 versions * Update changelog * Swap CircleCI for GH Actions for CI: test and relase publishing * Add pre-commit config with sensible hooks; apply those hooks * Remove inert Coveralls badge * Fold in code suggestion from PR#199 * Remove unused Python spec Co-authored-by: Tim Schilling <tim@aspiredu.com> * Fix up unnecessarily split strings, which were a side-effect of reformatting * Ensure pre-commit also runs ruff-format, to match test runs --------- Co-authored-by: Tim Schilling <tim@aspiredu.com> 2024-01-25 00:35:02 +03:00			`replace["report-uri"] = None`
Report percentage (#97) * Add CSP_REPORT_PERCENTAGE option * Move report-uri throttling to csp.contrib * Remove old code * Remove old code 2018-04-06 16:47:28 +03:00
Reawaken development (#204) * Update supported Django and Python versions * Update tox matrix * Update Circle CI config * Update setup.py with newer Python versions * Swap pytest-pep8 and pytest-flakes for ruff + reformat accordingly * Stop using six * Drop support for EOL Python <3.8 and Django <2.2 versions * Update changelog * Swap CircleCI for GH Actions for CI: test and relase publishing * Add pre-commit config with sensible hooks; apply those hooks * Remove inert Coveralls badge * Fold in code suggestion from PR#199 * Remove unused Python spec Co-authored-by: Tim Schilling <tim@aspiredu.com> * Fix up unnecessarily split strings, which were a side-effect of reformatting * Ensure pre-commit also runs ruff-format, to match test runs --------- Co-authored-by: Tim Schilling <tim@aspiredu.com> 2024-01-25 00:35:02 +03:00			`return build_policy(config=config, update=update, replace=replace, nonce=nonce)`
Fixes #36: Move to dictionary based settings This is a backwards incompatible change. Also fixes #139, #191 2024-05-01 22:58:56 +03:00
Add type hints, fix mypy issues (#198) (#228) * Add basepython entries for pypy. This fixes running tox locally. * Fix the cpython version mapping in [gh-actions]. The github action tests for cpython versions are running against the latest Django, instead of the set of possible Django versions. * Add mypy for type checking * Handle case where config is None * Use getattr, setattr for dynamic attribute access - mypy complains when reading or setting a attribute that is not defined on the class, such as HttpRequest.csp_nonce. This updates the code to use getattr and setattr to access these dynamically added attributes and for Django settings. * Use tuples where requested - Both startswith() and parser.parse_statements take a tuple rather than a list. * Add type hints * Refactor ScriptTestBase - Althought the code `template.render(context)` looked similar, mypy complained that Django's Template could not take a dict. Rather than switch on types, refactor `make_context` and `make_template` into `render`, which hides the typing details between Django templates and extension templates like Jinja2. * Fix Sphinx doc generation without setuptools * Add `pip install -e ".[dev]"` * Update docs for typing, etc. * Add PEP 561 py.typed file * Bump Django dependency to 4.2+ * Replace `HttpResponse` type with `HttpResponseBase` * Update CHANGES file --------- Co-authored-by: Rob Hudson <robhudson@mozilla.com> 2024-07-01 20:16:09 +03:00			`def build_policy_ro(self, request: HttpRequest, response: HttpResponseBase) -> str:`
Fixes #36: Move to dictionary based settings This is a backwards incompatible change. Also fixes #139, #191 2024-05-01 22:58:56 +03:00			`config = getattr(response, "_csp_config_ro", None)`
			`update = getattr(response, "_csp_update_ro", None)`
			`replace = getattr(response, "_csp_replace_ro", {})`
			`nonce = getattr(request, "_csp_nonce", None)`

			`policy = getattr(settings, "CONTENT_SECURITY_POLICY_REPORT_ONLY", None)`

			`if policy is None:`
			`return ""`

			`report_percentage = policy.get("REPORT_PERCENTAGE", 100)`
			`include_report_uri = random.randint(0, 100) < report_percentage`
			`if not include_report_uri:`
			`replace["report-uri"] = None`

			`return build_policy(config=config, update=update, replace=replace, nonce=nonce, report_only=True)`